As a less immediate, longer term project, I'd like to request generic PBKDF2 (also known as RFC2898 and PKCS#5) support, in whichever applications can reasonably support it. For hash algorithms, I'd say SHA1, SHA256, and SHA512 are the top three in use (with SHA1 winning by a large margin). As we already have WPA support (which I believe is, for the PMK derivation, PBKDF2(passphrase, ssid, 4096, 256[bits])), the algorithm structure has already been coded.

Note that one new feature for the general case would be pulling in either four or five parameters, instead of our previous 1 or 2:
1 - Passphrase
2 - salt
3 - number of iterations
4 - length in bits or bytes of the derived key (output)
5 - HMAC to be used

Anyone crafting a modern, well secured password storage system is likely using PBKDF2, scrypt, or bcrypt (per https://www.owasp.org/index.php/Password...heat_Sheet). These systems need to be audited just like any other system, to see who chose "P@$$w0rd123" as their password.

SQLCipher:http://sqlcipher.net/design
"When initialized with a passphrase SQLCipher derives the key data using PBKDF2 (OpenSSLâ€™s PKCS5_PBKDF2_HMAC_SHA1). Each database is initialized with a unique random salt in the first 16 bytes of the file. This salt is used for key derivation and it ensures that even if two databases are created using the same password, they will not have the same encryption key. The default configuration uses 4000 iterations for key derivation (this can be changed at runtime using â€œPRAGMA kdf_iterâ€)."